archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
139219 commits 526 branches 1434 tags 865 MiB
Commit graph

68637 commits

Author SHA1 Message Date
Ilija Tovilo
ac42a8de75
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix missing GC_PERSISTENT_LOCAL flag on accel_globals.key
 2025-01-28 12:55:55 +01:00
Ilija Tovilo
2ad778bc76
Fix missing GC_PERSISTENT_LOCAL flag on accel_globals.key 2025-01-28 12:55:09 +01:00
Ilija Tovilo
c63460c92c
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  [skip ci] Another flaky macOS phar test
 2025-01-28 12:45:35 +01:00
Ilija Tovilo
b598dbf822
Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  [skip ci] Another flaky macOS phar test
 2025-01-28 12:45:17 +01:00
Ilija Tovilo
01309961bb
Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  [skip ci] Another flaky macOS phar test
 2025-01-28 12:45:10 +01:00
Ilija Tovilo
65b990a1e0
[skip ci] Another flaky macOS phar test 2025-01-28 12:44:24 +01:00
Ilija Tovilo
c1b151020a
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix cve-2014-3538 test
 2025-01-27 21:49:10 +01:00
Ilija Tovilo
cee3687180
Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix cve-2014-3538 test
 2025-01-27 21:49:03 +01:00
Ilija Tovilo
7bda7ad31d
Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix cve-2014-3538 test
 2025-01-27 21:48:47 +01:00
Ilija Tovilo
d17d58a982
Fix cve-2014-3538 test 
Make sure we have a unique test file to work with, and increase the time
for the nojit version to match the default version.

Closes GH-17600
 2025-01-27 20:01:13 +01:00
Ilija Tovilo
1432a13413
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix inline zend_string using struct padding
 2025-01-27 19:51:47 +01:00
Ilija Tovilo
8ea9b04a23
Fix inline zend_string using struct padding 
As explained by Snape3058: On 64-bit machines, we typically have 7 bytes
of padding between the zend_string.val[0] char and the following char[].
This means that zend_string.val[1-7] write to and read from the struct
padding, which is a bad idea.

Allocate the given string separately instead.

Fixes GH-17564
Closes GH-17576
 2025-01-27 19:50:38 +01:00
Calvin Buckley
25bdbf96cf Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix crash in PDO_ODBC statement dtor (#17586)
 2025-01-27 13:43:21 -04:00
Calvin Buckley
556def741c
Fix crash in PDO_ODBC statement dtor (#17586) 
Port of 2ae897fff7 to PDO_ODBC.
 2025-01-27 13:41:11 -04:00
Gina Peter Banyard
7f321a1313
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  ext/pdo: Fix a UAF when changing default fetch class ctor args
 2025-01-26 23:37:14 +00:00
Gina Peter Banyard
3027600ffc
ext/pdo: Fix a UAF when changing default fetch class ctor args 
Co-authored-by: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
 2025-01-26 23:32:35 +00:00
Niels Dossche
fc7c353519
Fix GH-17572: getElementsByTagName returns collections with tagName-based indexing, causing loss of elements when converted to arrays 
Only (dtd) named node maps should have string-based indexing.
The ce check is fragile, just check for the presence of an xml hash
table.

Closes GH-17580.
 2025-01-26 16:21:54 +01:00
Niels Dossche
77130794a3
Update test expectation for different Firebird version 
libfbclient 5.0.1 with server 4.0.1 has a different error message and
code.
> Read only sql transaction

Closes GH-17565.
 2025-01-24 22:10:08 +01:00
Gina Peter Banyard
5b06a066f6
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Add NEWS entries
  Fix crash in firebird statement dtor
  ext/pdo: Fix memory leak if GC needs to free PDO Statement
 2025-01-24 20:22:13 +00:00
Niels Dossche
2ae897fff7
Fix crash in firebird statement dtor 
If both the driver object and statement end up in the GC buffer and are
freed by the GC, then the destruction order is not deterministic and it
is possible that the driver object is freed before the statement. In
that case, accessing S->H will cause a UAF. As the resources are already
released we simply skip the destruction if the driver object is already
destroyed.
 2025-01-24 20:16:12 +00:00
Gina Peter Banyard
99f8ec33d9
ext/pdo: Fix memory leak if GC needs to free PDO Statement 2025-01-24 20:16:12 +00:00
Gina Peter Banyard
d35904adf2
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  ext/session: Fix GH-17541 (ext/session NULL pointer dereferencement during ID reset)
 2025-01-24 14:10:00 +00:00
Gina Peter Banyard
a85666c17b
ext/session: Fix GH-17541 (ext/session NULL pointer dereferencement during ID reset) 
Closes GH-17541
Closes GH-17546
 2025-01-24 14:04:58 +00:00
Niels Dossche
b448d540c2
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix type confusion with session SID constant
 2025-01-23 19:03:35 +01:00
Niels Dossche
2a2cc2ccce
Fix type confusion with session SID constant 
Closes GH-17548.
 2025-01-23 19:03:04 +01:00
Dmitry Stogov
63965f1de5
Update IR 
IR commit: 02909bc123845fc2c41ec333b44b6f5ea1a196fe
 2025-01-22 18:30:33 +03:00
Christian Schneider
fa21fce84f
ext/pgsql: Add check for constant PGRES_TUPLES_CHUNK to fix compilation failures 
close GH-17540
 2025-01-21 19:32:38 +00:00
Niels Dossche
25543b4566
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-17408: Assertion failure Zend/zend_exceptions.c
 2025-01-21 08:21:13 +01:00
Niels Dossche
5344bcca97
Fix GH-17408: Assertion failure Zend/zend_exceptions.c 
`zend_test_create_throwing_resource` sets the exception in the `test`
call frame and unwinds to `main`. It then throws for the `resource`
variable and verifies that the exception opline is set. However, it
wasn't set in `main`, it was set at the `test` call frame and rethrown later.
The assertion is too conservative, but the end result is right, so drop
the assertion.

Closes GH-17533.

Co-authored-by: Ilija Tovilo <ilija.tovilo@me.com>
 2025-01-21 08:20:38 +01:00
Jakub Zelenka
b3c297d88f
Merge branch 'PHP-8.3' into PHP-8.4 2025-01-19 20:38:51 +01:00
Jakub Zelenka
191e16b703
Merge branch 'PHP-8.2' into PHP-8.3 2025-01-19 20:38:19 +01:00
Jakub Zelenka
5d632230ba
Merge branch 'PHP-8.1' into PHP-8.2 2025-01-19 20:37:53 +01:00
Jakub Zelenka
235d1b14a3
Fix GH-17499: mysqli flaky test: ghsa-h35g-vwh6-m678-stmt-row-string 2025-01-19 20:36:12 +01:00
David Carlier
c82e31b026
Fix GH-17516: SplFileTempObject::getPathInfo() crash on invalid class. 
This no longer caught the case where an non SplFileInfo/inherited class
of nwas passed since the refactoring in 8.4.

close GH-17517
 2025-01-19 18:01:02 +00:00
Niels Dossche
7cc8719ee5
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-17518: offset overflow phar extractTo()
 2025-01-19 13:05:55 +01:00
Niels Dossche
eab209d81d
Fix GH-17518: offset overflow phar extractTo() 
`search` can be the empty string, so we need to check the length before
checking the last char.

Closes GH-17519.
 2025-01-19 13:05:19 +01:00
Niels Dossche
22704af4b8
Cherry-pick lexbor/lexbor@f94d97a3 
Co-authored-by: Alexander Borisov <lex.borisov@gmail.com>
 2025-01-19 11:50:56 +01:00
David Carlier
05a1c04c43
Merge branch 'PHP-8.3' into PHP-8.4 2025-01-17 22:25:24 +00:00
David Carlier
a1d1269688
Fix GH-17469: UConverter::transcode() not hardcoding error handling. 
Respecting instead intl.use_exceptions/intl.error_level.

close GH-17488
 2025-01-17 22:23:27 +00:00
Niels Dossche
0b04061e71
NEWS for GH-17485 
Fixes GH-17485.
 2025-01-17 19:43:08 +01:00
Niels Dossche
d0981864eb
Cherry-pick lexbor/lexbor@e58e1e8c 
Co-authored-by: Alexander Borisov <lex.borisov@gmail.com>
 2025-01-17 19:39:58 +01:00
Niels Dossche
a928b66447
Cherry-pick lexbor/lexbor@ae97abfb 
Co-authored-by: Alexander Borisov <lex.borisov@gmail.com>
 2025-01-17 19:39:12 +01:00
Niels Dossche
4531292ad2
Cherry-pick lexbor/lexbor@e39083b0 
Co-authored-by: Alexander Borisov <lex.borisov@gmail.com>
 2025-01-17 19:39:12 +01:00
Niels Dossche
525aeff070
Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-17500: Segfault with requesting nodeName on nameless doctype
 2025-01-17 19:37:14 +01:00
Niels Dossche
82d71a82aa
Fix GH-17500: Segfault with requesting nodeName on nameless doctype 
Closes GH-17344.
 2025-01-17 19:36:47 +01:00
Niels Dossche
2952e164a9
Fix GH-17481: UTF-8 corruption in \Dom\HTMLDocument 
We need to properly handle the case when we return from having too few
bytes, this needs to be handled separately because the while loop
otherwise just performs a partial byte copy.

Closes GH-17489.
 2025-01-17 16:25:08 +01:00
Niels Dossche
21c170c75a
Fix GH-17486: Incorrect error line numbers reported in Dom\HTMLDocument::createFromString 
Closes GH-17491.
 2025-01-17 16:24:28 +01:00
Derick Rethans
4333009190
Updated to version 2025.1 (2025a) 2025-01-17 11:53:12 +00:00
Derick Rethans
7da1ea4029
Updated to version 2025.1 (2025a) 2025-01-17 11:53:10 +00:00
Niels Dossche
ae3ab37816
Fix GH-17447: Assertion failure when array popping a self addressing variable 
This is the same bug as GH-16957, and fixed in the same way.

Closes GH-17448.
 2025-01-16 20:28:51 +01:00